Month: June 2014

Hi All, these days most of the people are asking me how to execute Spring Security in their Applications, as i did not worked on it, i thought of implementing myself, and here is the outcome(this post).Sometimes you need to secure our application page from unauthorized access. In the below example, we will ensure secure URL access by providing custom Login form . User need to provide correct login credential to view the page.

In above congratulation, the /admin and sub-folders of it are all password protected.Cross Site Request Forgery (CSRF) Protection, If CSRF is enabled, you have to include a _csrf.token in the page you want to login or logout.

Hello to everyone, in my last post we have seen how to create a stateless session bean and call it from Java Client(Standalone Java code). Today in this post we are going to see how to call Entity Beans from a statefull session bean.

Stateful vs. Stateless Session Beans

A stateful session bean will maintain a conversational state with a client. The state of the session is maintained for the duration of the conversation between the client and the stateful session bean. When the client removes the stateful session bean, its session ends and the state is destroyed. The transient nature of the state of the stateful session bean should not be problematic for either the client or the bean, because once the conversation between the client and the stateful session bean ends, neither the client nor the stateful session bean should have any use for the state.

A stateless session bean will not maintain conversational states for specific clients longer than the period of an individual method invocation. Instance variables used by a method of a stateless bean may have a state, but only for the duration of the method invocation. After a method has finished running either successfully or unsuccessfully, the states of all its instance variables are dropped. The transient nature of this state gives the stateless session bean beneficial attributes, such as the following:

Bean pooling Any stateless session bean method instance that is not currently invoked is equally available to be called by an EJB container or application server to service the request of a client. This allows the EJB container to pool stateless bean instances and increase performance.

Scalability Because stateless session beans are able to service multiple clients, they tend to be more scalable when applications have a large number of clients. When compared to stateful session beans, stateless session beans usually require less instantiation.

Performance An EJB container will never move a stateless session bean from RAM out to a secondary storage, which it may do with a stateful session bean; therefore, stateless session beans may offer greater performance than stateful session beans.

Since no explicit mapping exists between multiple clients and stateless bean instances, the EJB container is free to service any client’s request with any available instance. Even though the client calls the create() and remove() methods of the stateless session bean, making it appear that the client is controlling the lifecycle of an EJB, it is actually the EJB container that is handling the create() and remove() methods without necessarily instantiating or destroying an EJB instance.

Now lets Dive into coding part
project structure looks as below

in eclipse, create an EJB project, now lets start with our persistence.xml file which will act as communication between code and database. please create a datasource in JBoss AS 7.1 and assign it to persistenceUnit

at this point lets talk little bit on the above statefull bean, we can specify various life cycle methods using their annotations like (pre passivate,post activate) and we can even specify the bean timeout for the statefull session bean to be in the bean pool, after that it will be passivated and removed from memory by the EJB container.

Background
The two most significant changes in the proposed EJB 3.0 specification are the use of the program annotation facility introduced in Java 5 and the new O/R mapping model based on Hibernate.
Hibernate
Hibernate is a popular, open source O/R mapping framework for Java environments, meant to shield developers from most common data-persistence-related programming tasks. It also has a specific Hibernate Query Language (HQL), imprints of which can be seen in the new EJB QL. Hibernate offers facilities for data retrieval and update, connection pooling, transaction management, declarative entity relationship management, and declarative and programmatic queries.Bird’s eye view
The changes in the proposed EJB 3.0 specification can be divided into two categories:
• An annotation-based EJB programming model, in addition to the EJB 2.1 model of defining an application’s behaviour through deployment descriptors and several interfaces.
• The new persistence model for entity beans. EJB QL has also changed significantly.

There are also several side effects to these proposals, like a new client-programming model, use of business interfaces, and an entity bean life cycle. Please note that the EJB 2.1 programming model (with deployment descriptors and home/remote interfaces) is still valid. The new simplified model does not entirely replace the EJB 2.1 model.EJB annotations
One of the expert group’s important goals is to reduce the number of artifacts a bean provider must provide, and the group has done a pretty neat job in reaching that goal. In the EJB 3.0 world, all kinds of enterprise beans are just plain old Java objects (POJO) with appropriate annotations. Annotations can be used to define the bean’s business interface, O/R mapping information, resource references, and just about anything else that was defined through deployment descriptors or interfaces in EJB 2.1. Deployment descriptors are no longer required; the home interface is gone, and you don’t necessarily have to implement a business interface (the container can generate it for you).
For example, you declare a stateless session bean by using the @Stateless annotation on the Java class. For stateful beans, the @Remove annotation is marked on a particular method to indicate that the bean instance should be removed after a call to the marked method completes.
To reduce the amount of information you must specify for a component, the expert group has adopted a configuration-by-exception approach, meaning you provide intuitive defaults for all annotations so that most of the common information can be inferred.The new persistence model
The new entity beans are also just POJOs with a few annotations and are not persistent entities by birth. An entity instance becomes persistent once it is associated with an EntityManager and becomes part of a persistence context. A persistence context is loosely synonymous with a transaction context; in strict words, it implicitly coexists with a transaction’s scope.
The entity relationships are also defined through annotations. In addition, O/R mapping is also done through annotations, and support for several database-specific operations is provided. With EJB 2.1, developers used their own design patterns or employed nonportable techniques (for example, auto key generation strategies).Digging deep
It’s now time to get into the specifics of proposals made in the EJB 3.0 early draft. Let’s start with all four types of enterprise beans and then move on to the proposals generic to the whole of the EJB programming model.
Stateless session beans:
A stateless session bean (SLSB), written the EJB 3.0 way, is just a plain Java file with a class-level annotation of @Stateless. The bean class can implement the javax.ejb.SessionBean interface, but is not required to (and typically will not).
An SLSB doesn’t have a home interface anymore—in fact, no EJB type requires it. The bean class may or may not implement a business interface. If it does not implement any business interfaces, a business interface will be generated using all the public methods. If only certain methods should be exposed in the business interface, all of those methods can be marked with the @BusinessMethod annotation. By default, all generated interfaces are local, but the @Remote annotation can be used to indicate that a remote interface should be generated.Stateful session beans
The story with stateful session beans (SFSB) is pretty much the same for SLSB, except for a couple of SFSB-specific points:
• An SFSB should have a way of initializing itself (provided through the ejbCreate() method in EJB 2.1 and earlier). The EJB 3.0 specification suggests that such initialization methods be provided as custom methods and exposed through the bean’s business interface. The onus now lies with the client to call appropriate initialization methods before using the bean. The expert group is still debating the need for providing an annotation that marks a particular method for initialization.
• The bean provider may mark any SFSB method with the @Remove annotation to indicate that the bean instance must be removed after the annotated method is called. Again, the expert group is still discussing whether a facility is necessary for indicating that the bean must not be removed if the method doesn’t complete normally.Entity beans
Entity beans are marked with the @Entity annotation, and all properties/fields in the entity bean class not marked with the @Transient annotation are considered persistent. Entity bean persistent fields are exposed through JavaBean-style properties or just as public/protected Java class fields.
Entity beans can use helper classes for representing entity bean state, but instances of these classes don’t have a persistent identity. Instead, their existence is tied strongly to the owning entity bean instance; also these objects are not shareable across entities.Entity relationships
EJB 3.0 supports both unidirectional and bidirectional relationships between entity beans, which can be one-to-one, one-to-many, many-to-one, or many-to-many relationships. However, the two sides of a bidirectional relationship are distinguished as the owning side and the inverse side. The owning side is responsible for propagating relationship changes to the database. For many-to-many associations, the owning side must be explicitly specified. Actually it’s the reverse side that is specified by the isInverse=true annotation member on the reverse side’s ManyToMany annotation; from that, the owning side is deduced. Now, didn’t the expert group say it was making EJB easier?O/R mapping
The O/R mapping model has also significantly changed from the abstract-persistence-schema-based approach to a Hibernate-inspired one. Though the expert group is still discussing the model, and a clear picture will emerge only with the next draft, this draft features clear indications of the overall approach.
For one, the O/R mapping will be specified in the entity bean class itself by annotations. Also, the approach is to refer to concrete tables and columns instead of the abstract persistence schema. The O/R mapping model has intrinsic support for native SQL; that is, support at a deeper level, not just the ability to run native SQL queries. For example, the column definitions annotation (@Column) has a member columnDefinition that can be something like columnDefinition=”BLOB NOT NULL”.Client programming model
An EJB client can acquire a reference to the bean’s business interface using the injection mechanism (@Inject annotation). Using the newly introduced @javax.ejb.EJBContext.lookup() method is another approach. But the specification is not clear as to how a standalone Java client acquires reference to a bean instance since the standalone Java clients run in a J2EE client container and lack access to the @javax.ejb.EJBContext object. There is yet another mechanism—a newly introduced universal context object: @javax.ejb.Context(). But, again, the spec does not say how this object can be used in a client container.

Please observe @Remote(RemoteInterface.class) in the above implementation, this will help EJB client to search the Remote Bean implementation using JBoss Remoting. Once deployed in the server if the EJB deployed without any error then we should see the below JNDI global entries in the server console

Now its time to write our client code.
An EJB client context is a context which contains contextual information for carrying out remote invocations on EJBs. This is a JBoss AS specific API. The EJB client context can be associated with multiple EJB receivers. Each EJB receiver is capable of handling invocations on different EJBs.
For example, an EJB receiver “ClientA” might be able to handle invocation on a bean identified by app-A/module-A/distinctinctName-A/BeanA!com.ibc.RemoteBeanA, app-B/module-B/distinctName-B/BeanB!RemoteBeanB, etc. Each such EJB receiver knows about what set of EJBs it can handle and each of the EJB receiver knows which server target to use for handling the invocations on the bean. The server IP address and its remoting port should be specified in the properties file placed in the client classpath. This properties file (EJB client context) will then be used internally by the JNDI implementation to handle invocations on the bean proxy.

Create a file “jboss-ejb-client.properties” in the classpath of the application. We can place it in ejbModule folder of our application. The jboss-ejb-client.properties contains the following properties:jboss-ejb-client.properties

Hi all,In my last post we have seen how to orchestrate BPEL process,but today we are going to see how we can develop a BPMN workflow using Camunda.This is also part of SOA stack,in my upcoming posts we will discuss about SOA technologies .

once done we need to decide the conditional flow for the exclusive gateway. this is shown below.

once the request is forwarded to human task based on the condition. Here the condition is the loan approval for a particular department(dept1,dept2) based on this the manager will approve the request for the respective department. lets write the task form for manager to approve the request as below.

please run mvn clean install package, now a war gets generated. Please deploy this war into JBoss Application server deployments folder and now start the camunda cockpit application and camunda tasklist application as shown below.

create an instance by logging with demo/demo into camunda/tasklist application as shown below, since the entered details are for dept1 the approval goes to “john”(manager of dept1).

now go and see the camunda/cockpit it shows the present status of the BPM work flow as shown below.

Now john needs to login into task list to approve his assigned tasks, once he approves a automated mai is triggered to the applicant as shown below.